import { Router } from 'express';
import { body } from 'express-validator';
import { validateRequest } from '../../middleware/validation';
import { authenticateClient } from '../../middleware/auth';
import { ClientAuthController } from '../../api/controllers/authController';
import { skipLog } from '../../middleware/operationLog';

const router = Router();
const authController = new ClientAuthController();

/**
 * @swagger
 * /api/client/auth/register:
 *   post:
 *     summary: 用户注册
 *     tags: [客户端认证]
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - username
 *               - email
 *               - password
 *             properties:
 *               username:
 *                 type: string
 *                 description: 用户名
 *               email:
 *                 type: string
 *                 format: email
 *                 description: 邮箱
 *               password:
 *                 type: string
 *                 minLength: 6
 *                 description: 密码
 *               realName:
 *                 type: string
 *                 description: 真实姓名
 *               phone:
 *                 type: string
 *                 description: 手机号
 *     responses:
 *       201:
 *         description: 注册成功
 *       400:
 *         description: 请求参数错误
 */
router.post('/register', [
  body('username')
    .isLength({ min: 3, max: 50 })
    .withMessage('用户名长度必须在3-50个字符之间')
    .matches(/^[a-zA-Z0-9_]+$/)
    .withMessage('用户名只能包含字母、数字和下划线'),
  body('email')
    .isEmail()
    .withMessage('请输入有效的邮箱地址'),
  body('password')
    .isLength({ min: 6 })
    .withMessage('密码长度至少6个字符'),
  body('realName')
    .optional()
    .isLength({ max: 100 })
    .withMessage('真实姓名长度不能超过100个字符'),
  body('phone')
    .optional()
    .matches(/^1[3-9]\d{9}$/)
    .withMessage('请输入有效的手机号'),
  validateRequest
], authController.register);

/**
 * @swagger
 * /api/client/auth/login:
 *   post:
 *     summary: 用户登录
 *     tags: [客户端认证]
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - username
 *               - password
 *             properties:
 *               username:
 *                 type: string
 *                 description: 用户名或邮箱
 *               password:
 *                 type: string
 *                 description: 密码
 *     responses:
 *       200:
 *         description: 登录成功
 *       401:
 *         description: 用户名或密码错误
 */
router.post('/login', [
  body('username')
    .notEmpty()
    .withMessage('用户名不能为空'),
  body('password')
    .notEmpty()
    .withMessage('密码不能为空'),
  validateRequest
], authController.login);

/**
 * @swagger
 * /api/client/auth/guest-login:
 *   post:
 *     summary: 游客登录
 *     tags: [客户端认证]
 *     description: 无需用户名密码，直接获取临时游客权限
 *     responses:
 *       200:
 *         description: 游客登录成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 code:
 *                   type: integer
 *                   example: 200
 *                 message:
 *                   type: string
 *                   example: 游客登录成功
 *                 data:
 *                   type: object
 *                   properties:
 *                     user:
 *                       type: object
 *                       properties:
 *                         id:
 *                           type: string
 *                           description: 游客ID
 *                           example: guest_1234567890_abc123def
 *                         username:
 *                           type: string
 *                           example: 游客
 *                         realName:
 *                           type: string
 *                           example: 游客用户
 *                         isGuest:
 *                           type: boolean
 *                           example: true
 *                         status:
 *                           type: string
 *                           example: ACTIVE
 *                         roles:
 *                           type: array
 *                           items:
 *                             type: object
 *                             properties:
 *                               id:
 *                                 type: string
 *                                 example: guest_role
 *                               name:
 *                                 type: string
 *                                 example: 游客
 *                               permissions:
 *                                 type: array
 *                                 items:
 *                                   type: object
 *                                   properties:
 *                                     code:
 *                                       type: string
 *                                       example: GUEST_BASIC
 *                                     name:
 *                                       type: string
 *                                       example: 基础访问权限
 *                     token:
 *                       type: string
 *                       description: 游客访问令牌（24小时有效期）
 *                     refreshToken:
 *                       type: null
 *                       description: 游客不需要刷新令牌
 *       500:
 *         description: 服务器内部错误
 */
router.post('/guest-login', authController.guestLogin);

/**
 * @swagger
 * /api/client/auth/logout:
 *   post:
 *     summary: 用户登出
 *     tags: [客户端认证]
 *     security:
 *       - bearerAuth: []
 *     responses:
 *       200:
 *         description: 登出成功
 */
router.post('/logout', authenticateClient, authController.logout);

/**
 * @swagger
 * /api/client/auth/refresh:
 *   post:
 *     summary: 刷新访问令牌
 *     tags: [客户端认证]
 *     security:
 *       - bearerAuth: []
 *     responses:
 *       200:
 *         description: 刷新成功
 *       401:
 *         description: 刷新令牌无效
 */
router.post('/refresh', authenticateClient, authController.refreshToken);

/**
 * @swagger
 * /api/client/auth/profile:
 *   get:
 *     summary: 获取当前用户信息
 *     tags: [客户端认证]
 *     security:
 *       - bearerAuth: []
 *     responses:
 *       200:
 *         description: 获取成功
 *       401:
 *         description: 未授权
 */
router.get('/profile', authenticateClient, skipLog, authController.getProfile);

/**
 * @swagger
 * /api/client/auth/change-password:
 *   post:
 *     summary: 修改密码
 *     tags: [客户端认证]
 *     security:
 *       - bearerAuth: []
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - currentPassword
 *               - newPassword
 *             properties:
 *               currentPassword:
 *                 type: string
 *                 description: 当前密码
 *               newPassword:
 *                 type: string
 *                 minLength: 6
 *                 description: 新密码
 *     responses:
 *       200:
 *         description: 修改成功
 *       400:
 *         description: 当前密码错误
 */
router.post('/change-password', [
  authenticateClient,
  body('currentPassword')
    .notEmpty()
    .withMessage('当前密码不能为空'),
  body('newPassword')
    .isLength({ min: 6 })
    .withMessage('新密码长度至少6个字符'),
  validateRequest
], authController.changePassword);

export default router; 